package com.ease.platform.authorization.support;

import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.ease.platform.authorization.util.AuthorizationContextThreadLocal;
import com.ease.platform.authorization.vo.AuthorizationContext;
import com.ease.platform.usercontext.support.UserContextSupportInterceptor;

/**
 * 
 * @author nathanleewei <nathanleewei>用来对第一入口做权限校验，其它不做权限管理，但是对应facade的方法，会带来无法验证权限的问题</nathanleewei>
 *         <liwei>那么AuthorizationInterceptor 不要拦在facade的方法上</liwei>
 * 
 */
public class AuthorizationInterceptor extends UserContextSupportInterceptor {

	private static final transient Log log = LogFactory.getLog(AuthorizationInterceptor.class);

	public Object invoke(MethodInvocation invocation) throws Throwable {
		AuthorizationContext currentAuthorizationContext = AuthorizationContextThreadLocal.getAuthorizationContext();
		try {
			if (null == currentAuthorizationContext) {
				AuthorizationContext authorizationContext = new AuthorizationContext();
				authorizationContext.setInterfaceOperation(this.getFirstProxiedInterfaceOperation(invocation));
				AuthorizationContextThreadLocal.setAuthorizationContext(authorizationContext);
			}
			return invocation.proceed();
		} catch (Throwable e) {
			log.error("AuthorizationContextThreadLocal.setAuthorizationContext", e);
			throw e;
		} finally {
			if (null == currentAuthorizationContext) {
				AuthorizationContextThreadLocal.remove();
			}
		}
	}
}
